from boto3.session import Session
import datetime
#該方法驗證桶的權限,桶的創建者針對私有可讀可讀寫的桶都具備查看桶中文件的權限,可以刪除桶。非owner,私有的無法訪問,可讀的只能讀取桶中文件列表,無法修改桶,可讀寫的可以讀取桶中文件列表,可以修改桶
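def test_lb(bname):
    """Probe bucket-level permissions on an S3-compatible endpoint.

    Lists up to 100 objects in *bname* (read check), then calls
    ``delete_bucket`` on it (write check), using the identity whose keys are
    configured below.

    Outcome the author expects: the bucket's creator can list and delete the
    bucket whether its ACL is private, public-read or public-read-write. A
    non-owner cannot access a private bucket, can only list a public-read
    bucket, and can list and modify a public-read-write bucket.

    The write check is destructive: when it is permitted, the bucket is
    deleted. Run it only against a disposable bucket created for the test.

    Args:
        bname: Name of the bucket to probe.

    Raises:
        botocore.exceptions.ClientError: When the service rejects a call
            (for example, access denied); the error is not caught here.
    """
    # Placeholders: supply the keys of the identity under test at run time
    # and keep real keys out of source control and shared snippets.
    access_key = "xxxxxxxxxxxxxxxxx"  # access key (AK)
    secret_key = "xxxxxxxxxxxxxxxxxxxxx"  # secret key (SK)
    url = "xxxxxxxxx"  # public endpoint of the provider's object storage service
    session = Session(access_key, secret_key)
    s3_client = session.client("s3", endpoint_url=url)

    # Read check: list the bucket contents.
    response = s3_client.list_objects(Bucket=bname, MaxKeys=100)
    # "Contents" is absent from the response when the listing is empty, so
    # fall back to an empty list instead of raising KeyError.
    for obj in response.get("Contents", []):
        # Some S3-compatible services may omit Owner; print None in that case.
        owner = obj.get("Owner", {}).get("DisplayName")
        print('object: %s Size: %s Owner: %s' % (obj["Key"], obj["Size"], owner))

    # Write check: attempt to delete the bucket.
    response = s3_client.delete_bucket(Bucket=bname)
    # The response is a dict; concatenating it to a str directly raised
    # TypeError after the bucket had already been deleted.
    print("result" + str(response))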
#該方法驗證文件的權限,桶的創建者對私有可讀可讀寫都可以獲取到指定文件信息。非owner,針對私有文件無法獲取到文件信息,可讀的可以獲取到,無法修改文件信息,可讀寫的可以獲取到,可以修改文件信息
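def test_ob(bname, key):
    """Probe object-level permissions on an S3-compatible endpoint.

    Fetches *key* from *bname* with ``get_object`` (read check), then
    replaces the object's tag set with ``put_object_tagging`` (write check),
    using the identity whose keys are configured below.

    Outcome the author expects: the bucket's creator can fetch the object
    whether its ACL is private, public-read or public-read-write. A non-owner
    cannot fetch a private object, can fetch but not modify a public-read
    object, and can fetch and modify a public-read-write object.

    The write check changes the object's tags; use a test object.

    Args:
        bname: Name of the bucket holding the object.
        key: Key of the object to probe.

    Raises:
        botocore.exceptions.ClientError: When the service rejects a call
            (for example, access denied); the error is not caught here, so a
            failed read check also skips the write check.
    """
    # Placeholders: supply the keys of the identity under test at run time
    # and keep real keys out of source control and shared snippets.
    access_key = "xxxxxxxxxxxxxx"
    secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxx"
    url = "xxxxxxxxxx"  # public endpoint of the provider's object storage service
    session = Session(access_key, secret_key)
    s3_client = session.client("s3", endpoint_url=url)

    # Conditional GET: an object not modified since this date is answered
    # with 304 Not Modified, which botocore raises as ClientError.
    date = datetime.datetime(2021, 5, 1, 12, 17, 14)

    # Read check: fetch the object.
    response = s3_client.get_object(Bucket=bname, Key=key, IfModifiedSince=date)
    print(response)
    # The payload is never read here; close the streaming body so the
    # underlying HTTP connection is released instead of left open.
    response["Body"].close()

    # Write check: overwrite the object's tag set.
    response = s3_client.put_object_tagging(
        Bucket=bname,
        Key=key,
        VersionId='null',
        Tagging={
            'TagSet': [
                {
                    'Key': 'key-3',
                    'Value': 'val-3',
                },
            ],
        },
    )
    print(response)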
if __name__ == "__main__":
    # Bucket-level probe first; it ends by calling delete_bucket on the
    # named bucket, so point it at a throwaway bucket.
    test_lb("bucket-a198")
    # Object-level probe: read the object, then rewrite its tags.
    test_ob("bucket-9a1a", "test2/2.jpeg")